On Jan 18, 2006, at 5:47 PM, Mark Baker wrote:
> Ah, I just read some of the responses. Dan's surprises me;
>
> "Asking a question is asking a question; whether it's a hard question
> or
> not seems orthogonal to safety."
>
> If by "safety" Dan's thinking about the absence of a change in state
> (which I think you mentioned was your understanding, Kendall), then I
> disagree, but let me try to put my position in those terms.
>
> If I asked you "What are the prime factors of this kazillion-digit
> integer", that's a question that would take a large amount of time and
> money to answer.
Maybe. Or maybe the server has the answer stored already and
just has to look it up in a table/cache.
> And if it costs money to answer, then that requires
> your bank account be debited by that amount of money, which is a state
> change.
Asking a question doesn't compel anybody to answer. The server
can just say "gee... hard question; I dunno" and decline to answer
(with a 403 QueryRequestRefused answer).
Besides, writing log file entries is a change of state too; but
it's not a change of state that the client is accountable for.
[[
Naturally, it is not possible to ensure that the server does not
generate side-effects as a result of performing a GET request; in
fact, some dynamic resources consider that a feature. The important
distinction here is that the user did not request the side-effects,
so therefore cannot be held accountable for them.
]]
-- 9.1.1 Safe Methods
http://www.ietf.org/rfc/rfc2616.txt
<- http://www.w3.org/2001/tag/doc/whenToUseGet.html
> Food for thought ...
>
> Mark.
>
--
Dan Connolly, W3C http://www.w3.org/People/Connolly/